Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/zGPo6mnRBIYyQB68N4SoxJmoi44.roa
File: zGPo6mnRBIYyQB68N4SoxJmoi44.roa (raw, json)
Hash identifier: tyckAZxPrNs4vvBNRCXQiYrCFCex2rMQ9FJZNiDvwiI=
Subject key identifier: CC:63:E8:EA:69:D1:04:86:32:40:1E:BC:37:84:A8:C4:99:A8:8B:8E
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 0197445914697186CA30E171B43A054089F7
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/zGPo6mnRBIYyQB68N4SoxJmoi44.roa
Signing time: Fri 06 Jun 2025 08:26:17 +0000
ROA not before: Fri 06 Jun 2025 08:26:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3257
IP address blocks: 46.33.64.0/19 maxlen: 24
62.41.0.0/20 maxlen: 24
62.41.16.0/21 maxlen: 24
62.41.24.0/22 maxlen: 24
62.41.32.0/24 maxlen: 24
62.41.37.0/24 maxlen: 24
62.41.56.0/21 maxlen: 24
62.41.64.0/20 maxlen: 24
62.41.80.0/22 maxlen: 24
62.41.84.0/23 maxlen: 24
62.41.102.0/24 maxlen: 24
62.41.160.0/24 maxlen: 24
62.50.128.0/19 maxlen: 19
62.132.0.0/22 maxlen: 22
62.132.16.0/22 maxlen: 22
62.132.24.0/23 maxlen: 23
62.132.28.0/24 maxlen: 24
62.132.42.0/23 maxlen: 23
62.132.114.0/23 maxlen: 23
62.132.116.0/23 maxlen: 23
62.132.132.0/23 maxlen: 23
77.67.0.0/17 maxlen: 24
77.77.128.0/18 maxlen: 24
87.119.64.0/18 maxlen: 24
89.149.128.0/18 maxlen: 24
92.71.0.0/17 maxlen: 17
92.71.128.0/18 maxlen: 18
134.222.0.0/16 maxlen: 16
135.196.228.0/23 maxlen: 24
135.196.232.0/23 maxlen: 24
135.196.238.0/23 maxlen: 24
141.136.96.0/20 maxlen: 20
185.160.40.0/22 maxlen: 22
192.16.202.0/24 maxlen: 24
192.54.104.0/24 maxlen: 24
192.67.190.0/23 maxlen: 23
192.67.192.0/22 maxlen: 22
192.67.196.0/24 maxlen: 24
192.129.32.0/23 maxlen: 23
192.129.36.0/24 maxlen: 24
192.129.43.0/24 maxlen: 24
192.129.44.0/24 maxlen: 24
192.129.46.0/23 maxlen: 23
192.129.48.0/23 maxlen: 23
192.129.54.0/24 maxlen: 24
192.129.56.0/23 maxlen: 24
193.141.0.0/23 maxlen: 23
193.141.2.0/24 maxlen: 24
193.141.40.0/22 maxlen: 22
193.141.44.0/23 maxlen: 23
193.141.140.0/23 maxlen: 23
193.242.80.0/20 maxlen: 20
194.41.62.0/24 maxlen: 24
194.45.4.0/23 maxlen: 23
194.45.12.0/23 maxlen: 23
194.45.47.0/24 maxlen: 24
194.45.98.0/23 maxlen: 23
194.45.182.0/23 maxlen: 23
194.120.0.0/24 maxlen: 24
194.120.43.0/24 maxlen: 24
194.120.112.0/22 maxlen: 22
194.120.120.0/22 maxlen: 22
194.121.52.0/22 maxlen: 22
194.121.104.0/23 maxlen: 23
194.121.123.0/24 maxlen: 24
194.121.203.0/24 maxlen: 24
194.121.220.0/22 maxlen: 22
194.122.76.0/22 maxlen: 22
194.122.80.0/21 maxlen: 21
194.122.120.0/21 maxlen: 21
194.122.224.0/20 maxlen: 20
194.122.248.0/22 maxlen: 22
194.123.122.0/24 maxlen: 24
194.123.164.0/24 maxlen: 24
195.143.0.0/16 maxlen: 24
212.0.224.0/19 maxlen: 19
212.1.0.0/19 maxlen: 19
212.14.64.0/19 maxlen: 19
212.27.160.0/19 maxlen: 19
212.56.0.0/19 maxlen: 19
212.81.64.0/18 maxlen: 18
212.115.128.0/18 maxlen: 24
212.189.0.0/17 maxlen: 17
212.221.0.0/17 maxlen: 24
212.222.0.0/16 maxlen: 24
213.200.64.0/18 maxlen: 18
213.251.0.0/18 maxlen: 24
213.254.192.0/18 maxlen: 24
217.114.112.0/20 maxlen: 20
217.117.160.0/20 maxlen: 20
217.118.112.0/20 maxlen: 20
217.195.224.0/19 maxlen: 19
2001:668::/29 maxlen: 64
2001:680::/32 maxlen: 32
2001:680:12::/48 maxlen: 48
2001:680:16::/48 maxlen: 48
2001:680:19::/48 maxlen: 48
2001:680:20::/48 maxlen: 48
2a00:1750::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:44:59:14:69:71:86:ca:30:e1:71:b4:3a:05:40:89:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jun 6 08:26:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc63e8ea69d1048632401ebc3784a8c499a88b8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ae:71:12:f9:f5:87:fd:46:2b:6f:6d:85:17:
29:44:6d:0b:16:b4:ce:d4:8c:2d:cf:90:be:a9:4c:
c7:0e:09:bc:4c:96:f4:66:ce:05:fa:74:85:37:72:
2a:29:90:d2:02:f2:a5:7d:6b:4e:45:f2:2d:30:13:
d1:95:1b:e6:c4:2e:9e:eb:9c:cc:95:97:b5:be:25:
41:6d:26:7b:58:6a:70:c8:6e:b9:df:5b:91:b0:9c:
fc:97:42:d3:c8:c7:a9:52:1e:b0:73:b9:7c:13:92:
7f:f5:84:8d:8c:9f:05:df:9e:45:43:43:58:8b:b1:
0e:98:e8:12:4e:de:9d:1a:7f:51:8b:3c:79:dc:80:
bb:07:bf:85:73:1b:02:2a:be:ed:3c:b5:4f:8b:41:
a4:07:eb:48:1b:62:a5:98:11:91:39:58:89:60:90:
ff:8b:d8:9e:dd:24:b7:90:91:6d:c9:0f:53:0b:48:
69:f9:35:80:18:7a:ea:9d:a8:f4:4a:80:ab:e9:b2:
1c:59:23:f0:5e:82:5c:a5:a5:5a:75:77:d2:81:a1:
78:48:7b:8b:48:c2:5d:93:39:49:ce:94:9d:3a:74:
58:16:71:20:6e:2b:db:cf:46:13:83:9a:72:21:e8:
2b:d8:fb:19:b4:a4:a7:ed:e7:2c:60:60:96:e5:3b:
3a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:63:E8:EA:69:D1:04:86:32:40:1E:BC:37:84:A8:C4:99:A8:8B:8E
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/zGPo6mnRBIYyQB68N4SoxJmoi44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.33.64.0/19
62.41.0.0-62.41.27.255
62.41.32.0/24
62.41.37.0/24
62.41.56.0-62.41.85.255
62.41.102.0/24
62.41.160.0/24
62.50.128.0/19
62.132.0.0/22
62.132.16.0/22
62.132.24.0/23
62.132.28.0/24
62.132.42.0/23
62.132.114.0-62.132.117.255
62.132.132.0/23
77.67.0.0/17
77.77.128.0/18
87.119.64.0/18
89.149.128.0/18
92.71.0.0-92.71.191.255
134.222.0.0/16
135.196.228.0/23
135.196.232.0/23
135.196.238.0/23
141.136.96.0/20
185.160.40.0/22
192.16.202.0/24
192.54.104.0/24
192.67.190.0-192.67.196.255
192.129.32.0/23
192.129.36.0/24
192.129.43.0-192.129.44.255
192.129.46.0-192.129.49.255
192.129.54.0/24
192.129.56.0/23
193.141.0.0-193.141.2.255
193.141.40.0-193.141.45.255
193.141.140.0/23
193.242.80.0/20
194.41.62.0/24
194.45.4.0/23
194.45.12.0/23
194.45.47.0/24
194.45.98.0/23
194.45.182.0/23
194.120.0.0/24
194.120.43.0/24
194.120.112.0/22
194.120.120.0/22
194.121.52.0/22
194.121.104.0/23
194.121.123.0/24
194.121.203.0/24
194.121.220.0/22
194.122.76.0-194.122.87.255
194.122.120.0/21
194.122.224.0/20
194.122.248.0/22
194.123.122.0/24
194.123.164.0/24
195.143.0.0/16
212.0.224.0-212.1.31.255
212.14.64.0/19
212.27.160.0/19
212.56.0.0/19
212.81.64.0/18
212.115.128.0/18
212.189.0.0/17
212.221.0.0/17
212.222.0.0/16
213.200.64.0/18
213.251.0.0/18
213.254.192.0/18
217.114.112.0/20
217.117.160.0/20
217.118.112.0/20
217.195.224.0/19
IPv6:
2001:668::/29
2001:680::/32
2a00:1750::/32
Signature Algorithm: sha256WithRSAEncryption
71:6f:b5:9d:a0:cc:ca:f4:54:a2:41:13:bf:03:6e:3f:6e:05:
4a:20:7c:25:e5:c1:f8:25:ca:26:a5:14:43:1d:aa:c8:31:d8:
32:8d:3c:3e:b0:9e:62:25:c4:26:03:a7:ae:57:1c:6f:6b:d8:
23:d4:46:93:66:06:f5:5c:1f:ee:36:cc:4c:58:ed:0c:c4:c2:
c3:a0:d2:b7:3f:1f:6b:9a:f9:c8:5b:10:2c:57:ef:54:b4:a2:
ca:4e:c8:25:e9:f2:42:69:84:46:60:e6:43:ee:95:d8:98:82:
d2:2a:a4:01:57:c6:0e:2f:c0:05:6f:7d:07:fa:1b:3f:de:ad:
be:6e:a4:94:df:88:69:54:6e:98:fe:7a:84:6c:64:51:e0:f7:
7a:10:a3:05:68:8f:93:0b:e4:c1:2f:7e:f2:56:23:e4:4c:6b:
9d:ce:25:90:33:b4:26:d3:3d:b1:20:ae:c6:98:49:a1:15:d8:
a2:56:69:1e:76:16:45:e7:75:51:dd:47:7e:55:57:dd:c7:6f:
65:21:6d:e4:63:0d:62:77:d2:65:d5:ad:26:3a:5d:66:30:a3:
7b:0b:e4:54:41:50:ee:8f:d8:8d:f3:fd:97:35:b7:50:a2:bf:
e8:5e:56:3b:93:22:66:77:81:75:91:77:f7:32:13:bf:8b:1d:
b1:09:ff:f7
-----BEGIN CERTIFICATE-----
MIIHPjCCBiagAwIBAgISAZdEWRRpcYbKMOFxtDoFQIn3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwNjA2MDgyNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzYzZThlYTY5ZDEwNDg2MzI0MDFlYmMzNzg0YThjNDk5YTg4YjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA365xEvn1h/1GK29thRcpRG0LFrTO
1Iwtz5C+qUzHDgm8TJb0Zs4F+nSFN3IqKZDSAvKlfWtORfItMBPRlRvmxC6e65zM
lZe1viVBbSZ7WGpwyG6531uRsJz8l0LTyMepUh6wc7l8E5J/9YSNjJ8F355FQ0NY
i7EOmOgSTt6dGn9Rizx53IC7B7+FcxsCKr7tPLVPi0GkB+tIG2KlmBGROViJYJD/
i9ie3SS3kJFtyQ9TC0hp+TWAGHrqnaj0SoCr6bIcWSPwXoJcpaVadXfSgaF4SHuL
SMJdkzlJzpSdOnRYFnEgbivbz0YTg5pyIegr2PsZtKSn7ecsYGCW5Ts63QIDAQAB
o4IESjCCBEYwHQYDVR0OBBYEFMxj6Opp0QSGMkAevDeEqMSZqIuOMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvekdQbzZtblJCSVl5UUI2OE40U294Sm1vaTQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICXgYIKwYBBQUHAQcBAf8EggJNMIICSTCCAigEAgABMIIC
IAMEBS4hQDALAwMAPikDBAI+KRgDBAA+KSADBAA+KSUwDAMEAz4pOAMEAT4pVAME
AD4pZgMEAD4poAMEBT4ygAMEAj6EAAMEAj6EEAMEAT6EGAMEAD6EHAMEAT6EKjAM
AwQBPoRyAwQBPoR0AwQBPoSEAwQHTUMAAwQGTU2AAwQGV3dAAwQGWZWAMAsDAwBc
RwMEBlxHgAMDAIbeAwQBh8TkAwQBh8ToAwQBh8TuAwQEjYhgAwQCuaAoAwQAwBDK
AwQAwDZoMAwDBAHAQ74DBADAQ8QDBAHAgSADBADAgSQwDAMEAMCBKwMEAMCBLDAM
AwQBwIEuAwQBwIEwAwQAwIE2AwQBwIE4MAsDAwDBjQMEAMGNAjAMAwQDwY0oAwQB
wY0sAwQBwY2MAwQEwfJQAwQAwik+AwQBwi0EAwQBwi0MAwQAwi0vAwQBwi1iAwQB
wi22AwQAwngAAwQAwngrAwQCwnhwAwQCwnh4AwQCwnk0AwQBwnloAwQAwnl7AwQA
wnnLAwQCwnncMAwDBALCekwDBAPCelADBAPCengDBATCeuADBALCevgDBADCe3oD
BADCe6QDAwDDjzAMAwQF1ADgAwQF1AEAAwQF1A5AAwQF1BugAwQF1DgAAwQG1FFA
AwQG1HOAAwQH1L0AAwQH1N0AAwMA1N4DBAbVyEADBAbV+wADBAbV/sADBATZcnAD
BATZdaADBATZdnADBAXZw+AwGwQCAAIwFQMFAyABBmgDBQAgAQaAAwUAKgAXUDAN
BgkqhkiG9w0BAQsFAAOCAQEAcW+1naDMyvRUokETvwNuP24FSiB8JeXB+CXKJqUU
Qx2qyDHYMo08PrCeYiXEJgOnrlccb2vYI9RGk2YG9Vwf7jbMTFjtDMTCw6DStz8f
a5r5yFsQLFfvVLSiyk7IJenyQmmERmDmQ+6V2JiC0iqkAVfGDi/ABW99B/obP96t
vm6klN+IaVRumP56hGxkUeD3ehCjBWiPkwvkwS9+8lYj5Exrnc4lkDO0JtM9sSCu
xphJoRXYolZpHnYWRed1Ud1HflVX3cdvZSFt5GMNYnfSZdWtJjpdZjCjewvkVEFQ
7o/YjfP9lzW3UKK/6F5WO5MiZneBdZF39zITv4sdsQn/9w==
-----END CERTIFICATE-----
Generated at Wed Jun 18 13:38:05 2025 by rpki-client